Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script Handler_CFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed.
https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-02
https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-02